Possible to keep .htpasswd above www...
Hi! I've read that it is safer and more secure if the .htpasswd file is kept in a private folder above the www root directory, so that the file cannot be web-accessible. WAM by default seems to put the file in the www root directory. Is there any way to make it use a higher level private folder?
Currently, the .htpasswd file is residing in "/public_html/" along with .htaccess and index.html.
I would like .htpasswd to be in "/.htpasswds/", but leaving .htaccess and index.html in "/public_html/".
Can this be done?
Currently, the .htpasswd file is residing in "/public_html/" along with .htaccess and index.html.
I would like .htpasswd to be in "/.htpasswds/", but leaving .htaccess and index.html in "/public_html/".
Can this be done?
Sorry, but no. They all go in the server root folder.
Learn the essentials with these quick tips for Responsive Site Designer, Responsive Email Designer, Foundation Framer, and the new Bootstrap Builder. You'll be making awesome, code-free responsive websites and newsletters like a boss.
Thanks Scott. Do you think there is much of a risk by having .htpasswd in the root folder, or should I not worry too much?
Paul Finnemore wrote:
Thanks Scott. Do you think there is much of a risk by having .htpasswd in the root folder, or should I not worry too much?
Thanks Scott. Do you think there is much of a risk by having .htpasswd in the root folder, or should I not worry too much?
None at all. Apache will not even allow those files to be viewable over the Web.
Learn the essentials with these quick tips for Responsive Site Designer, Responsive Email Designer, Foundation Framer, and the new Bootstrap Builder. You'll be making awesome, code-free responsive websites and newsletters like a boss.
That's good news, and thanks again. Excellent program by the way, very easy to use and just what I was looking for.
Have something to add? We’d love to hear it!
You must have an account to participate. Please Sign In Here, then join the conversation.